[kismac] Re: weak IVs

  • From: Lasse Jespersen <l.j@xxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Mon, 12 Jul 2004 15:17:39 +0200

to Mick:


The question that begs to be asked is then: Has this new feature worked in your tests? Or is it theoretical? If it HAS worked, how long do you reckon I would have to pick up traffic from a given wlan to be able to crack it?

At some point in the process, Ill want to try an attack on the dump, and doing THAT -stops- the sniffing process, forcing me to restart it later if I want to continue my attack -- obviously if the first attack was unsuccessful.

I'd use pcapmerge ( pcapmerge.sf.net afair ) to merge the different pcapdumps, but thus far I havent used it. I assume it will be able to merge dump1 with dump2 with dump3 et cetera, is this correct? ( it's a perlscript so it would work with no problems in osx ).

I tried using the kismac pcapdumps with dwepcrack ( the newest ( yet old ) release of bsd-airtools ), but receieved some errors about dwepcrack being unable to read these dumps.. Thought this might be of interest to you.

May I be so bold as to inquire when you'll continue working - if only a little - on the greatest stumbler of all time? I hate dstumbler and kismet with a passion..

Thanks if you do, thanks if you dont..


On 11. jul 2004, at 18:44, Michael Rossberg wrote:


using kismac 0.12a i joyfully collected some 8000 weak IVs from a nearby network. however this was insufficient to crack wep. when i imported the pcap dump into 0.11b, i had 1 weak IV in total... I can provide this dump if it will help fix what appears to be a bug.

this is actually a feature. i outlined it briefly in a mail in may. the idea is the following. there are a number of ivs, which are always weak. this is what airsnort usually collects and what was told in the FMS paper. however there are ivs which can be weak, depending on the chosen key. this is an additional vulnerability which was discovered by h1kari <http://www.dachb0den.com/projects/bsd-airtools/wepexp.txt>. kismac will keep this packets too, and do the selection of weak or not later on. hope this helps


Other related posts: